Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TremendousCoupon


  • Please log in to reply
9 replies to this topic

#1 annoyeduser

annoyeduser

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 23 June 2015 - 08:04 PM

First time here, but the username should say enough.

 

I am having extreme difficulty in removing this type of adware from my computer. I have scanned my computer multiple times, with different anti-malware programs (anti-malware bytes, adwcleaner, and hitman pro), yet after each scan and clean (individual and combined), the hyperlinks and popup ads reappear after a few days. Is there any permanent solution to this besides disabling cookies? Or am I cursed to forever have to "call this number"...



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:36 AM

Posted 23 June 2015 - 08:23 PM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.

Note: Reboot after you remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

Note: Reboot after you remove infections.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Edited by InadequateInfirmity, 23 June 2015 - 08:24 PM.


#3 annoyeduser

annoyeduser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 23 June 2015 - 10:00 PM

Thank you for your help; I couldn't find a way to attach files, so I'll just copy and paste them directly. 

 

One note, one of the programs said that system ninja was malicious.

_________________________________________________________________________________

MWAV Log:

 

23 Jun 2015 22:07:56 [0c28] - **********************************************************
23 Jun 2015 22:07:56 [0c28] - MWAV - eScanAV AntiVirus Toolkit.
23 Jun 2015 22:07:56 [0c28] - Copyright © MicroWorld Technologies
23 Jun 2015 22:07:56 [0c28] - **********************************************************
23 Jun 2015 22:07:56 [0c28] - Source: C:\Users\user\Downloads\mwav.exe
23 Jun 2015 22:07:56 [0c28] - Version 14.0.189 (C:\USERS\USER\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
23 Jun 2015 22:07:56 [0c28] - Log File: C:\Users\user\AppData\Local\Temp\LOG\MWAV.LOG
23 Jun 2015 22:07:56 [0c28] - MWAV Registered: TRUE
23 Jun 2015 22:07:56 [0c28] - User Account: user (Administrator Mode)
23 Jun 2015 22:07:56 [0c28] - OS Type: Windows Workstation [InstallType: Client]
23 Jun 2015 22:07:56 [0c28] - OS: Windows 8.1 64-Bit [OS Install Date: 09 Jul 2014 17:21:06]
23 Jun 2015 22:07:56 [0c28] - Ver: Personal Build 9200
23 Jun 2015 22:07:56 [0c28] - System Up Time: 11 Minutes, 36 Seconds
23 Jun 2015 22:07:56 [0c28] - Parent Process Name : C:\Users\user\AppData\Local\Temp\mexe.com
23 Jun 2015 22:07:56 [0c28] - Windows Root  Folder: C:\WINDOWS
23 Jun 2015 22:07:56 [0c28] - Windows Sys32 Folder: C:\WINDOWS\system32
23 Jun 2015 22:07:56 [0c28] - DHCP NameServer: 192.168.1.1
23 Jun 2015 22:07:56 [0c28] - Interface0 DHCPNameServer: 192.168.1.1
23 Jun 2015 22:07:56 [0c28] - Local Fixed Drives: c:\
23 Jun 2015 22:07:56 [0c28] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
23 Jun 2015 22:07:56 [0c28] - [CREATED ZIP FILE: C:\Users\user\AppData\Local\Temp\pinfect.zip]
23 Jun 2015 22:07:56 [0c28] - Command Line Options Given: /xsign
23 Jun 2015 22:07:57 [0c28] - Latest Date of files inside MWAV: Wed Jun 24 03:49:52 2015.
23 Jun 2015 22:07:57 [0c28] - WARNING!!! INVALID SYSTEM DATE 23-06-2015 !!!
23 Jun 2015 22:07:57 [0c28] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\user\AppData\Local\Temp\LOG\ESCANDB.LOG]
23 Jun 2015 22:07:57 [0c28] - Loaded/Created FileScan Cache Database...
23 Jun 2015 22:07:57 [0c28] - Loading AV Library [DB]...
23 Jun 2015 22:08:05 [0c28] - ArchiveScan: DISABLED
23 Jun 2015 22:08:07 [0c28] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
23 Jun 2015 22:08:07 [0c28] - MWAV doing self scanning...
23 Jun 2015 22:08:07 [0c28] - MWAV files are clean.
23 Jun 2015 22:08:16 [0c28] - ArchiveScan: DISABLED
23 Jun 2015 22:08:16 [0c28] - Virus Database Date: 23 Jun 2015
23 Jun 2015 22:08:16 [0c28] - Virus Database Count: 5710015
23 Jun 2015 22:08:16 [0c28] - Sign Version: 7.61212 [519964]
 
23 Jun 2015 22:08:29 [0c28] - **********************************************************
23 Jun 2015 22:08:29 [0c28] - MWAV - eScanAV AntiVirus Toolkit.
23 Jun 2015 22:08:29 [0c28] - Copyright © MicroWorld Technologies
23 Jun 2015 22:08:29 [0c28] - 
23 Jun 2015 22:08:29 [0c28] - Support: support@escanav.com
23 Jun 2015 22:08:29 [0c28] - Web: http://www.escanav.com
23 Jun 2015 22:08:29 [0c28] - **********************************************************
23 Jun 2015 22:08:29 [0c28] - Version 14.0.189[DB] (C:\USERS\USER\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
23 Jun 2015 22:08:29 [0c28] - Log File: C:\Users\user\AppData\Local\Temp\LOG\MWAV.LOG
23 Jun 2015 22:08:29 [0c28] - User Account: user (Administrator Mode)
23 Jun 2015 22:08:29 [0c28] - Parent Process Name : C:\Users\user\AppData\Local\Temp\mexe.com
23 Jun 2015 22:08:29 [0c28] - Windows Root  Folder: C:\WINDOWS
23 Jun 2015 22:08:29 [0c28] - Windows Sys32 Folder: C:\WINDOWS\system32
23 Jun 2015 22:08:29 [0c28] - OS: Windows 8.1 64-Bit [OS Install Date: 09 Jul 2014 17:21:06]
23 Jun 2015 22:08:29 [0c28] - Ver: Personal Build 9200
23 Jun 2015 22:08:29 [0c28] - Latest Date of files inside MWAV: Wed Jun 24 03:49:52 2015.
23 Jun 2015 22:08:29 [0c28] - Priority: NORMAL
23 Jun 2015 22:08:29 [0c28] - WARNING!!! INVALID SYSTEM DATE 23-06-2015 !!!
 
23 Jun 2015 22:08:29 [0e54] - Options Selected by User:
23 Jun 2015 22:08:29 [0e54] - Memory Check: Enabled
23 Jun 2015 22:08:29 [0e54] - Registry Check: Enabled
23 Jun 2015 22:08:29 [0e54] - StartUp Folder Check: Enabled
23 Jun 2015 22:08:29 [0e54] - System Folder Check: Enabled
23 Jun 2015 22:08:29 [0e54] - Services Check: Enabled
23 Jun 2015 22:08:29 [0e54] - Scan Spyware: Enabled
23 Jun 2015 22:08:29 [0e54] - Scan Archives: Disabled
23 Jun 2015 22:08:29 [0e54] - Drive Check: Enabled
23 Jun 2015 22:08:29 [0e54] - All Drive Check :Disabled
23 Jun 2015 22:08:29 [0e54] - Drive Selected = C:\
23 Jun 2015 22:08:29 [0e54] - Folder Check: Disabled
23 Jun 2015 22:08:29 [0e54] - SCAN: All_Files [ANSI]
23 Jun 2015 22:08:29 [0e54] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
23 Jun 2015 22:08:29 [0e54] - Scanning DNS Records...
23 Jun 2015 22:08:29 [0e54] - Scanning Master Boot Record (User)...
23 Jun 2015 22:08:30 [0e54] - Scanning Logical Boot Records...
23 Jun 2015 22:08:30 [0e54] - ***** Scanning For Hidden Rootkit Processes *****
23 Jun 2015 22:08:30 [0e54] - ***** Scanning For Hidden Rootkit Services *****
 
23 Jun 2015 22:08:36 [0e54] - ***** Scanning Memory Files *****
 
23 Jun 2015 22:08:42 [0e54] - ***** Scanning Registry Files *****
23 Jun 2015 22:08:45 [0e54] - ERROR(3)!!! Invalid Entry  Maintance = "C:\Program Files\\net1.exe" windowsStartup (in key HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
 
23 Jun 2015 22:08:46 [0e54] - ***** Scanning StartUp Folders *****
23 Jun 2015 22:12:01 [0c28] - Please Wait Exiting Application...
 
23 Jun 2015 22:12:01 [0e54] - ***** Scanning complete. *****
 
23 Jun 2015 22:12:01 [0e54] - Total Objects Scanned: 20389
23 Jun 2015 22:12:01 [0e54] - Total Critical Objects: 0
23 Jun 2015 22:12:01 [0e54] - Total Disinfected Objects: 0
23 Jun 2015 22:12:01 [0e54] - Total Objects Renamed: 0
23 Jun 2015 22:12:01 [0e54] - Total Deleted Objects: 0
23 Jun 2015 22:12:01 [0e54] - Total Errors: 1
23 Jun 2015 22:12:01 [0e54] - Time Elapsed: 00:03:29
23 Jun 2015 22:12:01 [0e54] - Virus Database Date: 23 Jun 2015
23 Jun 2015 22:12:01 [0e54] - Virus Database Count: 5710015
23 Jun 2015 22:12:01 [0e54] - Sign Version: 7.61212 [519964]
 
23 Jun 2015 22:12:01 [0e54] - Scan Completed.
 
23 Jun 2015 22:12:03 [0c28] - Virus Database Date: 23 Jun 2015
23 Jun 2015 22:12:03 [0c28] - Virus Database Count: 5710015
23 Jun 2015 22:12:03 [0c28] - Sign Version: 7.61212 [519964]
 
23 Jun 2015 22:12:06 [0700] - Options Selected by User:
23 Jun 2015 22:12:06 [0700] - Memory Check: Enabled
23 Jun 2015 22:12:06 [0700] - Registry Check: Enabled
23 Jun 2015 22:12:06 [0700] - StartUp Folder Check: Enabled
23 Jun 2015 22:12:06 [0700] - System Folder Check: Enabled
23 Jun 2015 22:12:06 [0700] - Services Check: Enabled
23 Jun 2015 22:12:06 [0700] - Scan Spyware: Enabled
23 Jun 2015 22:12:06 [0700] - Scan Archives: Disabled
23 Jun 2015 22:12:06 [0700] - Drive Check Option Disabled
23 Jun 2015 22:12:06 [0700] - Drive Selected = C:\
23 Jun 2015 22:12:06 [0700] - Folder Check: Disabled
23 Jun 2015 22:12:06 [0700] - SCAN: All_Files [ANSI]
23 Jun 2015 22:12:06 [0700] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
23 Jun 2015 22:12:06 [0700] - Scanning Master Boot Record (User)...
23 Jun 2015 22:12:06 [0700] - Scanning Logical Boot Records...
23 Jun 2015 22:12:06 [0700] - ***** Scanning For Hidden Rootkit Processes *****
23 Jun 2015 22:12:06 [0700] - ***** Scanning For Hidden Rootkit Services *****
 
23 Jun 2015 22:12:10 [0700] - ***** Scanning Memory Files *****
 
23 Jun 2015 22:12:10 [0700] - ***** Scanning Registry Files *****
 
23 Jun 2015 22:12:10 [0700] - ***** Scanning StartUp Folders *****
23 Jun 2015 22:14:13 [0e0c] - ScanFile (C:\ProgramData\Microsoft\Windows Defender\Scans\History\CacheManager\MpScanCache-1.bin) took 8937 ms
 
23 Jun 2015 22:14:14 [0700] - ***** Scanning Service Files *****
23 Jun 2015 22:14:30 [0700] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
23 Jun 2015 22:14:35 [0700] - ***** Scanning Registry and File system for Adware/Spyware *****
23 Jun 2015 22:14:35 [0700] - Loading Spyware Signatures from new External Database [Name: C:\Users\user\AppData\Local\Temp\spydb.avs, Size: 464724]...
23 Jun 2015 22:14:35 [0700] - Indexed Spyware Databases Successfully Created...
 
23 Jun 2015 22:14:37 [0700] - Offending file found: C:\Users\user\Desktop\eclipse-cpp-luna-SR1-win32-x86_64\eclipse\plugins\org.eclipse.cdt.core.win32.x86_64_5.3.0.201409172108\os\win32\x86_64\starter.exe
23 Jun 2015 22:14:37 [0700] - System found infected with PrecisionPop Spyware/Adware (starter.exe)! Action taken: File Deleted.
23 Jun 2015 22:14:37 [0700] - Object "PrecisionPop Spyware/Adware" found in File System! Action Taken: File Deleted.
 
 
23 Jun 2015 22:14:41 [0700] - ***** Scanning Registry Files *****
23 Jun 2015 22:14:41 [0700] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = www.google.com
23 Jun 2015 22:14:41 [0700] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
23 Jun 2015 22:14:41 [0700] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
23 Jun 2015 22:14:41 [0700] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
23 Jun 2015 22:14:41 [0700] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
23 Jun 2015 22:14:41 [0700] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
23 Jun 2015 22:14:41 [0700] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = www.google.com
23 Jun 2015 22:14:41 [0700] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = www.google.com
 
23 Jun 2015 22:14:41 [0700] - ***** Scanning System32 Folders *****
 
 
23 Jun 2015 22:15:44 [0700] - ***** Checking for specific ITW Viruses *****
 
23 Jun 2015 22:15:45 [0700] - ***** Scanning complete. *****
 
23 Jun 2015 22:15:45 [0700] - Total Objects Scanned: 83092
23 Jun 2015 22:15:45 [0700] - Total Critical Objects: 1
23 Jun 2015 22:15:45 [0700] - Total Disinfected Objects: 0
23 Jun 2015 22:15:45 [0700] - Total Objects Renamed: 0
23 Jun 2015 22:15:45 [0700] - Total Deleted Objects: 1
23 Jun 2015 22:15:45 [0700] - Total Errors: 0
23 Jun 2015 22:15:45 [0700] - Time Elapsed: 00:03:39
23 Jun 2015 22:15:45 [0700] - Virus Database Date: 23 Jun 2015
23 Jun 2015 22:15:45 [0700] - Virus Database Count: 5710015
23 Jun 2015 22:15:45 [0700] - Sign Version: 7.61212 [519964]
 
23 Jun 2015 22:15:45 [0700] - Scan Completed.
 
___________________________________________________________________________________
 
Zemana Log: 
 
 
Zemana AntiMalware 2.15.2.721 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2015/6/23
Operating System       : Windows 8.1 64-bit
Processor              : 8X Intel® Core™ i7-3630QM CPU @ 2.40GHz
BIOS Mode              : UEFI
CUID                   : 00E09F380DC68B42620EDF
Scan Type              : Deep Scan
Duration               : 18m 4s
Scanned Objects        : 241314
Detected Objects       : 4
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : Yes
Domain Info            : WORKGROUP,1,2
Detected Objects
-------------------------------------------------------
 
Chrome Startup Url
Status             : Scanned
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Traces             :
                Browser Setting - Chrome Startup Url
 
Chrome Homepage
Status             : Scanned
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Traces             :
                Browser Setting - Chrome Homepage
 
ninja-setup-3.0.6.exe
Status             : Scanned
Object             : %userprofile%\downloads\ninja-setup-3.0.6.exe
MD5                : 24FE0BB7A85A866B487D15C0EB6E3A74
Publisher          : -
Size               : 2507200
Version            : 0.0.0.0
Detection          : Adware:Win32/OpenCandy
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\downloads\ninja-setup-3.0.6.exe
 
chrome.dll
Status             : Scanned
Object             : %programfiles%\google\chrome\application\chrome.dll
MD5                : B9038D785C74F3754C2168884A22300F
Publisher          : -
Size               : 79360
Version            : 40.0.2078.28
Detection          : Malware:Win32/Kloom.A!Ekar
Cleaning Action    : Quarantine
Traces             :
                File - %programfiles%\google\chrome\application\chrome.dll
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 4
Reported as safe      : 0
Failed                : 0
 
 
_____________________________________________________________________________________
 
 
JRT Log:
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.0.9 (06.23.2015:1)
OS: Windows 8.1 x64
Ran by user on Tue 06/23/2015 at 22:45:00.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\user\AppData\Roaming\appdataFr25.bin
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin
 
 
 
~~~ Chrome
 
 
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/23/2015 at 22:47:47.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
_________________________________________________________________________________________________________
 
 
AdwCleaner Log:
 
 
# AdwCleaner v4.207 - Logfile created 23/06/2015 at 22:52:11
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : user - JZHANG
# Running from : C:\Users\user\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [719 bytes] - [23/06/2015 22:51:50]
AdwCleaner[S0].txt - [645 bytes] - [23/06/2015 22:52:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [703  bytes] ##########
 

 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:36 AM

Posted 24 June 2015 - 06:22 AM

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#5 annoyeduser

annoyeduser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 24 June 2015 - 07:07 PM

Thank you for your help (again). I believe that i have slightly messed up the ZRT log, as I accidentally reran the scan after cleaning the files before saving the previous log; nevertheless, here are the others:

 

____________________________________________________________________________

 

Adware Removal Tool Log: 

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool v3.9
Time: 2015_06_24_18_30_58
OS: Windows 8 - 64 Bit
Account Name: user
U0L0S11
 
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
 
\\ Finished
_____________________________________________________________________________________________
 
 
 
Checkup:
 
 

 Results of screen317's Security Check version 1.004  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Zemana AntiMalware    
 Java 7 Update 60  
 Java version 32-bit out of Date! 
  Adobe Flash Player 17.0.0.190 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome (43.0.2357.130) 
 Google Chrome (GoogleUpdateHelper.dll..) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Zemana AntiMalware ZAM.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
_________________________________________________________________________________
 
 
 

MiniToolBox Log:

 

MiniToolBox by Farbar  Version: 22-06-2015
Ran by user (administrator) on 24-06-2015 at 18:59:17
Running from "C:\Users\user\Downloads"
Microsoft Windows 8.1  (X64)
Model: Satellite P875 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 2200 = Wi-Fi (Connected)
Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Ethernet 2" nexthop=10.3.65.1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_7" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Ethernet 2" address=10.3.65.63 mask=255.0.0.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : JZhang
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9C-4E-36-80-A3-51
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 00-8C-FA-2A-E5-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2200
   Physical Address. . . . . . . . . : 9C-4E-36-80-A3-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fc91:9692:f059:4f7b%2(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, June 24, 2015 6:48:39 PM
   Lease Expires . . . . . . . . . . : Thursday, June 25, 2015 6:48:40 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 379342390
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4F-67-F6-00-8C-FA-2A-E5-40
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Local Area Connection* 3:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:cf:603:3f57:fefc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::cf:603:3f57:fefc%5(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 100663296
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4F-67-F6-00-8C-FA-2A-E5-40
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:80d::1009
 65.199.32.155
 65.199.32.148
 65.199.32.152
 65.199.32.153
 65.199.32.151
 65.199.32.154
 65.199.32.149
 65.199.32.150
 
 
Pinging google.com [65.199.32.152] with 32 bytes of data:
Reply from 65.199.32.152: bytes=32 time=8ms TTL=59
Reply from 65.199.32.152: bytes=32 time=9ms TTL=59
 
Ping statistics for 65.199.32.152:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 9ms, Average = 8ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=49ms TTL=53
Reply from 98.138.253.109: bytes=32 time=48ms TTL=53
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 49ms, Average = 48ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...9c 4e 36 80 a3 51 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...00 8c fa 2a e5 40 ......Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
  2...9c 4e 36 80 a3 50 ......Intel® Centrino® Wireless-N 2200
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
  7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    281
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0        10.3.65.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  5    306 2001::/32                On-link
  5    306 2001:0:9d38:6abd:cf:603:3f57:fefc/128
                                    On-link
  2    281 fe80::/64                On-link
  5    306 fe80::/64                On-link
  5    306 fe80::cf:603:3f57:fefc/128
                                    On-link
  2    281 fe80::fc91:9692:f059:4f7b/128
                                    On-link
  1    306 ff00::/8                 On-link
  2    281 ff00::/8                 On-link
  5    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/24/2015 06:32:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SSDPSRV, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000005
Fault offset: 0x0000000000031b09
Faulting process id: 0x61c
Faulting application start time: 0xsvchost.exe_SSDPSRV0
Faulting application path: svchost.exe_SSDPSRV1
Faulting module path: svchost.exe_SSDPSRV2
Report Id: svchost.exe_SSDPSRV3
Faulting package full name: svchost.exe_SSDPSRV4
Faulting package-relative application ID: svchost.exe_SSDPSRV5
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application
 
 
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
0x8e5e0210 (0x8e5e0210)
 
Error: (06/23/2015 10:52:16 PM) (Source: ESENT) (User: )
Description: SearchIndexer (2340) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb003B1.log.
 
Error: (06/23/2015 08:24:53 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
 
System errors:
=============
Error: (06/24/2015 06:59:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/24/2015 06:52:54 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service hung on starting.
 
Error: (06/24/2015 06:48:39 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/24/2015 06:37:36 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (06/24/2015 06:37:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/24/2015 06:37:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/24/2015 06:32:07 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (06/24/2015 06:32:07 PM) (Source: Service Control Manager) (User: )
Description: The Time Broker service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (06/24/2015 06:32:07 PM) (Source: Service Control Manager) (User: )
Description: The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (06/24/2015 06:31:12 PM) (Source: DCOM) (User: JZHANG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office Sessions:
=========================
Error: (06/24/2015 06:32:07 PM) (Source: Application Error)(User: )
Description: svchost.exe_SSDPSRV6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c00000050000000000031b0961c01d0ae28ea8bb5f6C:\WINDOWS\system32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dlld7fe1c99-1ac0-11e5-beb5-008cfa2ae540
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt
 
Error: (06/23/2015 10:52:16 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)
 
Error: (06/23/2015 10:52:16 PM) (Source: ESENT)(User: )
Description: SearchIndexer2340Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb003B1.log-1811 (0xfffff8ed)
 
Error: (06/23/2015 08:24:53 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-04-27 19:57:20.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-27 19:57:20.804
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-06 19:02:12.142
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-06 19:02:12.036
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-31 15:12:59.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-12-31 15:12:59.143
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cypress PSoC Programmer 3.12 Production (HKLM-x32\...\{A7440157-7C76-4104-85D7-B7083D67F4CC}) (Version: 3.12 - Cypress Semiconductor)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
FRC Toolchain (HKLM-x32\...\{9684B7EB-EB4F-46FA-AC3B-59989C204510}) (Version: 1.0.14080 - WPI)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Google Chrome (HKLM-x32\...\{A4DE5CD7-96D6-3979-8C39-E864396AFFC0}) (Version: 65.223.153 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Invisible, Inc. (HKLM-x32\...\Steam App 243970) (Version:  - Klei Entertainment)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.2 - Notepad++ Team)
Omerta - City of Gangsters (HKLM-x32\...\Steam App 208520) (Version:  - Haemimont Games)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Python 3.4.1 (HKLM-x32\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
StarBank (HKLM-x32\...\{9FD717D6-9657-400E-B634-A71E1ECEF164}) (Version: 1.7 - BlueRaja)
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.1 - Synaptics Incorporated)
System Ninja version 3.0.6 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.6 - SingularLabs)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
Windows Driver Package - Texas Instruments (usbser) Ports  (04/08/2011 1.04) (HKLM\...\3F1440DE37099CDA895A72E0B0F943AF64B52FB1) (Version: 04/08/2011 1.04 - Texas Instruments)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wipe (HKLM\...\wipe) (Version: 2015.06 - PrivacyRoot.com)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.15.721 - Zemana Ltd.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 15%
Total physical RAM: 8076.22 MB
Available physical RAM: 6801.9 MB
Total Pagefile: 8652.22 MB
Available Pagefile: 7329.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.2 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:930.55 GB) (Free:718.09 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JZHANG
 
Administrator            Guest                    user                     
 
 
**** End of log ****
 
_____________________________________________________________________
 
 
Eset Log:
 

C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\Users\user\Downloads\ccsetup506.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
 


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:36 AM

Posted 25 June 2015 - 05:25 PM

How is your machine running? Any issues?



#7 annoyeduser

annoyeduser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 25 June 2015 - 06:11 PM

The ads have disappeared for now, although in my experience this doesn't mean much, as they could still reappear; I appreciate your help in this regardless. 



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:36 AM

Posted 25 June 2015 - 09:26 PM

Run a full scan with Reason Core Security

 

pd9wnxI.jpg

Remove infections reboot.

 

 

Run an advanced scan with  Crystal Security.

 

YwB0fU0.jpg

Remove infections reboot.

 

 

 

Download Malwrebytes from the link below.
https://www.malwarebytes.org/
Select update.
jBVKBI0.png
Then Select Scan Now.
js1M2HF.png
Once the scan is completed.
Remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.

 

 

9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

http://9-lab.com/download/

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

ZT1y9rP.png

Now go to the scanner tab and select Full Scan.

k68m97f.png

Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.

 

 

Download Malwarebytes Anti-Rootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt


#9 annoyeduser

annoyeduser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 27 June 2015 - 04:23 PM

Nothing was found on any of the programs, and the ads have not reappeared.



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:36 AM

Posted 27 June 2015 - 07:33 PM

Make sure and update the following with the tools in the links below...

 

 Java version 32-bit out of Date!
  Adobe Flash Player 17.0.0.190 Flash Player out of Date!
 
Are you happy with just windows defender protecting your machine? I will suggest a couple better ones if you wish.
 
  • Click here to download  RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.

HtcveT6.png

 

 

 

Some Suggested Software To Keep You Safe On The Internet.

 

Click Me To Update Software. Update your software for free. 

Qualys BrowserCheck To update plugins.

Web Of Trust  To Avoid  Shady Websites.

Unchecky To Avoid Bundled Software.

AdBlock Plus To Browse The Web Ad Free.

Malwarebytes Anti Exploit To Block Zero Day Attacks.

 Malwarebytes Startup Lite To Disable Useless Items Starting With Your Computer.

 FanBoys Ultimate list.  Add The Ultimate List.

ToolWhiz Smart Defrag  Defrag Your Machine With Speed.

For Chrome Adguard

For FireFox Adguard

 

Now Lets Clean up the tools we used and remove old restore points.

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt

 

 


Edited by InadequateInfirmity, 27 June 2015 - 07:34 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users